1
0
Fork 0
mirror of https://github.com/pgpainless/pgpainless.git synced 2024-12-27 13:28:00 +01:00

Split KeyFlagSelectionStrategies up into Has{Any|All}KeyFlagsSelectionStrategy

This commit is contained in:
Paul Schaub 2021-01-09 20:55:19 +01:00
parent 83362816d0
commit c89558a01b
Signed by: vanitasvitae
GPG key ID: 62BEE9264BF17311
6 changed files with 126 additions and 25 deletions

View file

@ -441,6 +441,12 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
new EncryptionKeySelectionStrategy(flags));
}
SecretKeySelectionStrategy signingKeySelector() {
return new And.SecKeySelectionStrategy(
new NoRevocation.SecKeySelectionStrategy(),
new SignatureKeySelectionStrategy());
}
private static KeyFlag[] mapPurposeToKeyFlags(EncryptionStream.Purpose purpose) {
KeyFlag[] flags;
switch (purpose) {
@ -458,10 +464,4 @@ public class EncryptionBuilder implements EncryptionBuilderInterface {
}
return flags;
}
SecretKeySelectionStrategy signingKeySelector() {
return new And.SecKeySelectionStrategy(
new NoRevocation.SecKeySelectionStrategy(),
new SignatureKeySelectionStrategy());
}
}

View file

@ -15,6 +15,8 @@
*/
package org.pgpainless.key.selection.key.impl;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.annotation.Nonnull;
import org.bouncycastle.openpgp.PGPPublicKey;
@ -26,14 +28,26 @@ import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
*/
public class EncryptionKeySelectionStrategy extends PublicKeySelectionStrategy {
private final HasKeyFlagSelectionStrategy.PublicKey keyFlagSelector;
public static final Logger LOGGER = Logger.getLogger(EncryptionKeySelectionStrategy.class.getName());
private final HasAnyKeyFlagSelectionStrategy.PublicKey keyFlagSelector;
public EncryptionKeySelectionStrategy(KeyFlag... flags) {
this.keyFlagSelector = new HasKeyFlagSelectionStrategy.PublicKey(flags);
this.keyFlagSelector = new HasAnyKeyFlagSelectionStrategy.PublicKey(flags);
}
@Override
public boolean accept(@Nonnull PGPPublicKey key) {
return key.isEncryptionKey() && keyFlagSelector.accept(key);
boolean isEncryptionKey = key.isEncryptionKey();
boolean hasAppropriateKeyFlags = keyFlagSelector.accept(key);
if (!isEncryptionKey) {
LOGGER.log(Level.FINE, "Key algorithm is not suitable of encryption.");
}
if (!hasAppropriateKeyFlags) {
LOGGER.log(Level.FINE, "Key " + Long.toHexString(key.getKeyID()) + " does not carry ");
}
return isEncryptionKey && hasAppropriateKeyFlags;
}
}

View file

@ -24,7 +24,10 @@ import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
import org.pgpainless.key.selection.key.SecretKeySelectionStrategy;
public class HasKeyFlagSelectionStrategy {
/**
* Selection Strategy that accepts a key if it carries all of the specified key flags.
*/
public class HasAllKeyFlagSelectionStrategy {
public static class PublicKey extends PublicKeySelectionStrategy {

View file

@ -0,0 +1,71 @@
/*
* Copyright 2021 Paul Schaub.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.pgpainless.key.selection.key.impl;
import java.util.Iterator;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPSecretKey;
import org.bouncycastle.openpgp.PGPSignature;
import org.pgpainless.algorithm.KeyFlag;
import org.pgpainless.key.selection.key.PublicKeySelectionStrategy;
import org.pgpainless.key.selection.key.SecretKeySelectionStrategy;
/**
* Selection Strategies that accept a key if it carries at least one of the given key flags.
*/
public class HasAnyKeyFlagSelectionStrategy {
public static class PublicKey extends PublicKeySelectionStrategy {
private final int keyFlagMask;
public PublicKey(KeyFlag... flags) {
this(KeyFlag.toBitmask(flags));
}
public PublicKey(int mask) {
this.keyFlagMask = mask;
}
@Override
public boolean accept(PGPPublicKey key) {
Iterator<PGPSignature> signatures = key.getSignatures();
int flags = signatures.next().getHashedSubPackets().getKeyFlags();
return (keyFlagMask & flags) != 0;
}
}
public static class SecretKey extends SecretKeySelectionStrategy {
private final int keyFlagMask;
public SecretKey(KeyFlag... flags) {
this(KeyFlag.toBitmask(flags));
}
public SecretKey(int mask) {
this.keyFlagMask = mask;
}
@Override
public boolean accept(PGPSecretKey key) {
Iterator<PGPSignature> signatures = key.getPublicKey().getSignatures();
int flags = signatures.next().getHashedSubPackets().getKeyFlags();
return (keyFlagMask & flags) != 0;
}
}
}

View file

@ -34,9 +34,10 @@ import org.pgpainless.key.generation.type.KeyType;
import org.pgpainless.key.generation.type.ecc.EllipticCurve;
import org.pgpainless.key.generation.type.eddsa.EdDSACurve;
import org.pgpainless.key.generation.type.xdh.XDHCurve;
import org.pgpainless.key.selection.key.impl.HasKeyFlagSelectionStrategy;
import org.pgpainless.key.selection.key.impl.HasAllKeyFlagSelectionStrategy;
import org.pgpainless.key.selection.key.impl.HasAnyKeyFlagSelectionStrategy;
public class HasKeyFlagsSelectionStrategyTest {
public class KeyFlagBasedSelectionStrategyTest {
@Test
public void testKeyFlagSelectors() throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, PGPException {
@ -61,12 +62,14 @@ public class HasKeyFlagsSelectionStrategyTest {
// ENCRYPT_COMMS
PGPSecretKey s_encryptionKey = iterator.next();
HasKeyFlagSelectionStrategy.SecretKey s_certifyOther =
new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.CERTIFY_OTHER);
HasKeyFlagSelectionStrategy.SecretKey s_encryptComms =
new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS);
HasKeyFlagSelectionStrategy.SecretKey s_encryptCommsEncryptStorage =
new HasKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
HasAllKeyFlagSelectionStrategy.SecretKey s_certifyOther =
new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.CERTIFY_OTHER);
HasAllKeyFlagSelectionStrategy.SecretKey s_encryptComms =
new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS);
HasAllKeyFlagSelectionStrategy.SecretKey s_encryptCommsEncryptStorage =
new HasAllKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
HasAnyKeyFlagSelectionStrategy.SecretKey s_anyEncryptCommsEncryptStorage =
new HasAnyKeyFlagSelectionStrategy.SecretKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
assertTrue(s_certifyOther.accept(s_primaryKey));
assertFalse(s_certifyOther.accept(s_encryptionKey));
@ -81,16 +84,22 @@ public class HasKeyFlagsSelectionStrategyTest {
assertFalse(s_encryptCommsEncryptStorage.accept(s_primaryKey));
assertFalse(s_encryptCommsEncryptStorage.accept(s_signingKey));
assertTrue(s_anyEncryptCommsEncryptStorage.accept(s_encryptionKey));
assertFalse(s_anyEncryptCommsEncryptStorage.accept(s_primaryKey));
assertFalse(s_anyEncryptCommsEncryptStorage.accept(s_signingKey));
PGPPublicKey p_primaryKey = s_primaryKey.getPublicKey();
PGPPublicKey p_encryptionKey = s_encryptionKey.getPublicKey();
PGPPublicKey p_signingKey = s_signingKey.getPublicKey();
HasKeyFlagSelectionStrategy.PublicKey p_certifyOther =
new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.CERTIFY_OTHER);
HasKeyFlagSelectionStrategy.PublicKey p_encryptComms =
new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS);
HasKeyFlagSelectionStrategy.PublicKey p_encryptCommsEncryptStorage =
new HasKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
HasAllKeyFlagSelectionStrategy.PublicKey p_certifyOther =
new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.CERTIFY_OTHER);
HasAllKeyFlagSelectionStrategy.PublicKey p_encryptComms =
new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS);
HasAllKeyFlagSelectionStrategy.PublicKey p_encryptCommsEncryptStorage =
new HasAllKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
HasAnyKeyFlagSelectionStrategy.PublicKey p_anyEncryptCommsEncryptStorage =
new HasAnyKeyFlagSelectionStrategy.PublicKey(KeyFlag.ENCRYPT_COMMS, KeyFlag.ENCRYPT_STORAGE);
assertTrue(p_certifyOther.accept(p_primaryKey));
assertFalse(p_certifyOther.accept(p_encryptionKey));
@ -104,5 +113,9 @@ public class HasKeyFlagsSelectionStrategyTest {
"Must not accept the key, as it only carries ENCRYPT_COMMS, but not ENCRYPT_STORAGE");
assertFalse(p_encryptCommsEncryptStorage.accept(p_primaryKey));
assertFalse(p_encryptCommsEncryptStorage.accept(p_signingKey));
assertTrue(p_anyEncryptCommsEncryptStorage.accept(p_encryptionKey));
assertFalse(p_anyEncryptCommsEncryptStorage.accept(p_primaryKey));
assertFalse(p_anyEncryptCommsEncryptStorage.accept(p_signingKey));
}
}

View file

@ -56,6 +56,6 @@ public class TestEncryptCommsStorageFlagsDifferentiated {
.onOutputStream(out);
// since the key does not carry the flag ENCRYPT_COMMS, it cannot be used by the stream.
assertThrows(IllegalStateException.class, () -> builder.toRecipients(publicKeys));
assertThrows(IllegalArgumentException.class, () -> builder.toRecipients(publicKeys));
}
}